Link to home
Start Free TrialLog in
Avatar of Xygus02
Xygus02

asked on

How Do You Tell if You're Being Hacked?!

What I wants to know is how can you tell if someone has stolen any personal information from your computer, if they managed to get into your computer, or attempt to get into ur computer.  There has to be a way to tell all connections ever made to the computer.

The only way I knows is netstat (-a -b -n -v -etc)  I knows how to use all those commands.

But is there other ways too tell as well.  Cause lately my internet speed was up and down.  Sometimes when I sends a file or surf the web it's really fast then 5 minutes later the internet goes really slow.  I have broadband and sometimes I gets 5 kbps then another while after I gets 100 kbps.  Seems a little suspiscious and I want to take a closer look into the matter.

So if anyone knows of all the ways to tell all of the connections ever made to this computer.  From startup to shutdown, keep a log of all connections?   Any comments?
Avatar of Xygus02
Xygus02

ASKER

Note:   my svchost.exe  shows up in my netstat, but my firewall blocks all connections made to and from my computer.  Should I be weary of this connection?
Depending on your system -
you'll have multiple copies of svchost.exe running from:
C:\WINDOWS\System32
or -
C:\WINNT\System32
These are legitimate processes.

Cheers!
RF
ASKER CERTIFIED SOLUTION
Avatar of smconsult
smconsult
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Xygus02

ASKER

I'm using Norton Personal Firewall 2003
and the firewall Service Pack 2 comes with.
I'm not familiar with the logging capabilities of Norton.

If you were using a hardware firewall of some sort, you could use a Syslog program like Kiwi to log all of the incoming and outgoing connections.  For example, I'm using a Linksys BEFSR81 at the house, and an RV082 at work, and both are dumping their logs to Kiwi for forwarding to Dshield.org.

Are you on dial-up, or broadband?  (From the speeds you mentioned in your original question, it sounds like you're on dial-up.)

Sean
Could be a bad network adaptor, wiring inside or outside.  Try opening a cmd window and do a continuous ping (e.g. ping -t google.com) to see if dropped packets or high latency during the slow periods.
No more replys to this question plz.  Xygus02 has been suspended cause experts-exchange suspected me of more then one account.  So I need to end this question immediately, thou I don't have the power to accept any of your answers.  But an admin might be able to do it for me.  If I had to choose anyone here to be rewarded, I would choose smconsult cause he told me about Dshield.org which I am going to use once I knows what my SMTP is.

thx